Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi
I was under the impression that login password would protect my file system in Windows XP & 7. But after accessing NTFS partition from Linux, I think it's not protected.
I have 2 questions:
-------------------
1. Is it possible for someone to mess with Windows registry using Linux (using dual boot)? If so, does Windows have some sort of integrity checks to detect if registry file has been tampered with ? If not, is there a way to protect it ?
2. Is it possible to access files belonging to ext3 partition by using windows or other means(other than using sudo or logging as root) even if file rwx has been disabled for group and others ?
Hi
I was under the impression that login password would protect my file system in Windows XP & 7. But after accessing NTFS partition from Linux, I think it's not protected.
I have 2 questions:
-------------------
1. Is it possible for someone to mess with Windows registry using Linux (using dual boot)? If so, does Windows have some sort of integrity checks to detect if registry file has been tampered with ? If not, is there a way to protect it ?
2. Is it possible to access files belonging to ext3 partition by using windows or other means(other than using sudo or logging as root) even if file rwx has been disabled for group and others ?
Answer #1: In my experience windows does not have an integrity check on the registry for modification protection. It is possible for someone to mess with the registry using freely available tools. One could also import a Windows registry into the wine registry to access keys. There is a way to protect it and that is to encrypt the filesystem. This makes recovery difficult if not impossible if you lose the encryption key/password to your encrypted system. In Windows 7/Vista Ultimate the feature called bitlocker is Windows protecting the filesystem with encryption. You could also use a free tool which works very well called TrueCrypt (google) for Windows, Linux, or Mac. For just Linux there is dm-crypt. For Mac only there is FileVault. And as I've already mentioned a Windows only utility called bitlocker.
Answer #2: It is as easy to mount a Linux partition and modify it with a live disk as it is to mount an NTFS partition. With a live disk permissions don't matter because if necessary the user can take control of any file or folder with chmod and chown. The solution is to use filesystem encryption.
Remember there is no such thing as a 100% secure system. Locks are for honest people and even hard drive encryption has been proven to be circumvented.
Read this princeton research lab article and watch the video on hacking bitlocker (or any hard drive encryption program).
ACLs are all well and good for a logged in system. But remember that you can change ACLs when logged in as root. Using a live cd with a root login without a password still has the same permissions on a filesystem as the actual systems root. It only matters how you mount the filesystem through fstab.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
